Start a project
— Legal

Privacy
Policy.

Last updated: 25 May 2026. This policy explains how Vittin d.o.o. ("Vittin", "we", "us") handles personal data when you visit our website or work with us.

1. Who we are

Vittin d.o.o. is a design studio registered in Slovenia. We are the data controller for personal information processed through this website and our client engagements.

Vittin d.o.o.
Goriška ul. 3, 2000 Maribor, Slovenia
Email: vito.vlasic@gmail.com

2. What data we collect

We try to collect as little personal data as we can and only for clear, lawful reasons. The categories of data we may process include:

  • Contact details — name, email address, company name and phone number you share when contacting us or working with us.
  • Project information — briefs, files, brand assets and feedback you provide while we deliver a project.
  • Billing details — company name, VAT number, billing address and bank information needed to issue invoices.
  • Technical data — anonymised information such as approximate location, device type, browser and pages viewed, collected by our website and analytics tools.
  • Cookies — small files stored on your device. See section 7.

3. Why we process your data (legal bases)

  • To respond to your enquiry — based on your consent or our pre-contractual steps.
  • To deliver our services — based on a contract with you or your company.
  • To comply with legal obligations — for example, keeping invoicing records under Slovenian tax law.
  • To improve our website and services — based on our legitimate interest in running and improving our business, balanced against your rights.

4. How long we keep data

We keep personal data only for as long as needed:

  • Enquiry messages: up to 24 months from last contact.
  • Project files and contracts: up to 5 years after the project ends.
  • Invoices and accounting records: 10 years, as required by Slovenian law.
  • Website analytics: aggregated and anonymised data kept up to 26 months.

5. Who we share data with

We do not sell personal data. We share it only with trusted service providers (data processors) that help us run our business, such as:

  • Email and cloud storage providers
  • Accounting and invoicing software
  • Website hosting and analytics
  • Payment providers and banks

Where any provider is outside the European Economic Area, we rely on Standard Contractual Clauses or equivalent safeguards.

6. Your rights

Under the GDPR you have the right to:

  • Access the personal data we hold about you.
  • Correct inaccurate or incomplete data.
  • Request deletion of your data, where applicable.
  • Restrict or object to certain types of processing.
  • Receive your data in a portable format.
  • Withdraw consent at any time, without affecting the lawfulness of earlier processing.
  • Lodge a complaint with the Slovenian Information Commissioner (Informacijski pooblaščenec) at ip-rs.si.

To exercise any of these rights, write to vito.vlasic@gmail.com. We aim to reply within 30 days.

7. Cookies

This website may use:

  • Strictly necessary cookies — required for the site to work.
  • Analytics cookies — used in anonymised form to understand how visitors use the site. Loaded only with your consent.

You can manage cookies through your browser settings at any time. Blocking essential cookies may affect site functionality.

8. Security

We apply reasonable technical and organisational measures — secure storage, access control, encrypted transfers — to protect personal data. No system is perfectly secure, but we take incidents seriously and will notify you and the relevant authority where required by law.

9. Changes to this policy

We may update this policy from time to time. The latest version is always published on this page with an updated date at the top.

10. Contact

If you have any question about this policy or how we handle your data, please email vito.vlasic@gmail.com.

← Back to home